Ask Your Question

Guy Harris's profile - karma

Guy Harris's karma change log

10 0 How to filter packets with BPF in a C++ program when they're not read from a live capture or pcap/pcap-ng file? ( 2021-01-29 22:20:25 +0000 )

0 -15 what is the best way to clean up in extcap? ( 2021-01-06 00:55:25 +0000 )

15 0 what is the best way to clean up in extcap? ( 2021-01-06 00:55:19 +0000 )

0 -15 what is the best way to clean up in extcap? ( 2021-01-06 00:55:09 +0000 )

15 0 what is the best way to clean up in extcap? ( 2021-01-06 00:55:04 +0000 )

10 0 Bluetooth traffic not seen by Wireshark on Windows ( 2021-01-05 22:27:14 +0000 )

15 0 Bluetooth traffic not seen by Wireshark on Windows ( 2021-01-05 22:27:11 +0000 )

15 0 Load dll dissector from Windows to Linux ( 2021-01-04 09:14:57 +0000 )

15 0 Capitalising hex strings in dissector field output? ( 2020-12-23 22:37:39 +0000 )

15 0 How to add a column from ProtoField value ( 2020-11-29 22:27:23 +0000 )

15 0 Promiscuous mode and switch ( 2020-11-26 15:18:39 +0000 )

10 0 Promiscuous mode and switch ( 2020-11-25 18:11:14 +0000 )

0 -15 Wireshark For External URL? ( 2020-11-17 13:43:01 +0000 )

15 0 Wireshark For External URL? ( 2020-11-17 13:42:59 +0000 )

0 -15 Wireshark For External URL? ( 2020-11-17 13:42:58 +0000 )

15 0 Wireshark For External URL? ( 2020-11-17 12:52:16 +0000 )

15 0 wireshark dissect message again when I click the message ( 2020-11-02 10:17:29 +0000 )

15 0 Problem trying to capture on a remote machine using ssh to run dumpcap on the remote machine ( 2020-09-22 10:36:19 +0000 )

10 0 check udp payload in wireshark ( 2020-09-22 02:45:18 +0000 )

15 0 lua dissector absolute time ( 2020-09-16 06:52:03 +0000 )

10 0 Monitor mode capture on macOS Catalina is not seeing any packets ( 2020-08-15 05:40:10 +0000 )

10 0 How frame number determined ( 2020-08-13 13:02:55 +0000 )

15 0 How frame number determined ( 2020-08-13 10:17:22 +0000 )

10 0 TFTP packet size and MTU ( 2020-08-09 21:15:42 +0000 )

15 0 tshark with --export-dicom gives “Segmentation fault (core dumped)” ( 2020-07-27 09:44:00 +0000 )

15 0 Type for Dissecting n-bit Quantities ( 2020-06-30 15:00:07 +0000 )

15 0 I can't see the interfaces of my computer ( 2020-06-21 15:27:20 +0000 )

10 0 Help installing PCAP WPCAP in Windows 7 64 bits (syswow64-system32) ( 2020-06-15 04:39:32 +0000 )

10 0 wireshark enabled "promisc" mode but ifconfig displays not ( 2020-06-03 20:46:50 +0000 )

15 0 Wireshark OUI Lookup Tool Broken ( 2020-05-21 21:10:37 +0000 )

15 0 Dissector that decodes payload on another layer ( 2020-05-17 06:25:30 +0000 )

15 0 Converting Pcap file to CSV file while defautly keeping all features/fields defined in pcap ( 2020-05-13 07:24:55 +0000 )

15 0 How to enable rpcap support in linux version ( 2020-05-04 09:51:56 +0000 )

10 0 How to enable rpcap support in linux version ( 2020-04-30 10:33:42 +0000 )

15 0 Problems post install with npcap killing network connection ( 2020-04-22 02:01:29 +0000 )

0 -15 Problems post install with npcap killing network connection ( 2020-04-22 02:01:22 +0000 )

15 0 Problems post install with npcap killing network connection ( 2020-04-22 02:01:17 +0000 )

10 0 What's a capture filter that captures only RIP and OSPF packets? ( 2020-04-12 12:24:21 +0000 )

10 0 vlan tag missing in packets captured using custom socket but visible in wireshark ( 2020-04-01 11:38:37 +0000 )

15 0 What Is The Endianness of Captured Packet Headers? ( 2020-03-31 13:48:14 +0000 )

10 0 Why does Wireshark not capture any data when in monitor mode on my Mac? ( 2020-03-28 08:44:33 +0000 )

15 0 Merge binary data of multiple packets ( 2020-03-26 06:51:30 +0000 )

15 0 RFC8613 Object Security for Constrained RESTful Environments (OSCORE) defines the Coap Option number 9 as OSCORE Option. Wireshark seems to use the number 21 instead. Is there a newer Wireshark version that will follow RFC8613? ( 2020-03-24 04:01:33 +0000 )

0 -15 RFC8613 Object Security for Constrained RESTful Environments (OSCORE) defines the Coap Option number 9 as OSCORE Option. Wireshark seems to use the number 21 instead. Is there a newer Wireshark version that will follow RFC8613? ( 2020-03-24 04:01:32 +0000 )

15 0 RFC8613 Object Security for Constrained RESTful Environments (OSCORE) defines the Coap Option number 9 as OSCORE Option. Wireshark seems to use the number 21 instead. Is there a newer Wireshark version that will follow RFC8613? ( 2020-03-24 04:01:25 +0000 )

0 -15 RFC8613 Object Security for Constrained RESTful Environments (OSCORE) defines the Coap Option number 9 as OSCORE Option. Wireshark seems to use the number 21 instead. Is there a newer Wireshark version that will follow RFC8613? ( 2020-03-24 04:01:24 +0000 )

15 0 RFC8613 Object Security for Constrained RESTful Environments (OSCORE) defines the Coap Option number 9 as OSCORE Option. Wireshark seems to use the number 21 instead. Is there a newer Wireshark version that will follow RFC8613? ( 2020-03-24 04:01:04 +0000 )

10 0 Frame Arrival Time drift ( 2020-03-22 02:43:40 +0000 )

10 0 If a request is being sent via unicast or broadcast, would that show in the destination or source address? ( 2020-03-09 18:32:51 +0000 )

10 0 What's a display filter that only shows packets with a particular UDP source port number? ( 2020-03-09 18:32:17 +0000 )

15 0 Wireshark source repository not found ( 2020-03-05 04:55:10 +0000 )

15 0 How can I read a hex dump of packet data from TShark, filter it with a Python program, and write it out as a capture file? ( 2019-12-31 07:16:08 +0000 )

15 0 radiotap.mcs.format erroneously = greenfield (1) ( 2019-12-19 19:58:18 +0000 )

15 0 rsyslog RSH packet ( 2019-12-19 10:20:46 +0000 )

15 0 How can I display DNS time to live (TTL) in Days Hours Minutes Seconds format? ( 2019-12-08 01:58:10 +0000 )

15 0 Positive value of antenna signal ( 2019-12-04 07:18:10 +0000 )

15 0 Does uninstallation of wireshark in RHEL requires a reboot? ( 2019-11-18 09:45:15 +0000 )

0 -15 Does uninstallation of wireshark in RHEL requires a reboot? ( 2019-11-18 09:45:14 +0000 )

15 0 Does uninstallation of wireshark in RHEL requires a reboot? ( 2019-11-18 09:45:09 +0000 )

10 0 Capturing USB traffic in macOS Catalina ( 2019-11-02 05:21:11 +0000 )

10 0 Why isn't Wireshark marked as malware by Antivirus? ( 2019-10-28 20:45:39 +0000 )

15 0 How can I capture Bluetooth packets without any dongle by macOS? ( 2019-10-26 06:24:12 +0000 )

10 0 Protecting a proprietary protocol ( 2019-09-23 19:27:21 +0000 )

0 -15 IPv4 total length exceeds packet length - always 8.0.69.0! ( 2019-09-20 08:27:37 +0000 )

15 0 IPv4 total length exceeds packet length - always 8.0.69.0! ( 2019-09-20 08:27:35 +0000 )

10 0 IPv4 total length exceeds packet length - always 8.0.69.0! ( 2019-09-19 21:53:37 +0000 )

10 0 use ip address to capture traffic? ( 2019-09-06 13:46:49 +0000 )

10 0 how to move wireshark to system tray when it is minimized ( 2019-08-13 10:16:07 +0000 )

10 0 From where does wireshark get the traffic? Where does it reside? ( 2019-08-08 19:28:32 +0000 )

15 0 On Windows, "Save File As" and "Save" get "File cannot be found" error ( 2019-08-03 01:12:38 +0000 )

10 0 Ethernet hardware loopback ( 2019-07-23 10:14:43 +0000 )

15 0 Ethernet hardware loopback ( 2019-07-22 18:31:06 +0000 )

0 0 Tshark piped and filtered ( 2019-07-19 20:49:48 +0000 )

15 0 How to call a Wireshark plugin protocol dissector programmatically? ( 2019-07-10 06:55:21 +0000 )

15 0 Installation of version 3.0.2 fails due to vcredist_x64.exe location. ( 2019-06-20 22:52:34 +0000 )

15 0 How to read values of type 'Label' ( 2019-05-31 11:40:48 +0000 )

15 0 How exactly does tshark -z hosts come up with the list? ( 2019-05-30 18:16:47 +0000 )

10 0 Mac and Windows different versions of wireshark? ( 2019-05-16 03:52:21 +0000 )

15 0 Why is Wireshark reporting Skype traffic on a network with no Skype traffic? ( 2019-05-14 18:44:59 +0000 )

10 0 Wireshark sees Ethernet LLC, but packet is probably Ethernet raw ( 2019-05-09 15:05:45 +0000 )

10 0 Do you support USB Ethernet adapters? ( 2019-05-05 09:14:06 +0000 )

15 0 encapsulated multipart decoding in latest wireshark version ( 2019-05-03 06:37:16 +0000 )

10 0 Why are multiple versions released at once ( 2019-04-09 22:38:29 +0000 )

10 0 Why are multiple versions released at once ( 2019-04-09 12:23:00 +0000 )

10 0 Why are multiple versions released at once ( 2019-04-09 06:42:36 +0000 )

10 0 Is it possible to capture packets on all available interfaces simultaneously? ( 2019-03-28 13:53:27 +0000 )

15 0 sshdump does not connect and provides no error ( 2019-03-22 13:36:10 +0000 )

15 0 specific layer protocols ( 2019-03-18 05:22:51 +0000 )

15 0 Using Tshark to remove malformed packets ( 2019-03-18 04:50:34 +0000 )

0 -15 Why is a dissector called multiple times? ( 2019-03-12 02:40:49 +0000 )

15 0 Why is a dissector called multiple times? ( 2019-03-12 02:40:38 +0000 )

10 0 Capturing on DPDK interface ( 2019-03-08 22:16:16 +0000 )

15 0 I have Windows Server 2008; where can I get Wireshark 2.2? ( 2019-03-07 14:26:57 +0000 )

15 0 My modified tshark fails with "file type short name already exists" ( 2019-03-05 16:36:30 +0000 )

10 0 Tshark command to output the original source and destination IPs of an icmp.type==3 code==4 packet. ( 2019-03-03 11:50:25 +0000 )

15 0 Tshark command to output the original source and destination IPs of an icmp.type==3 code==4 packet. ( 2019-03-03 11:49:56 +0000 )

10 0 "Trailing stray characters" warning ( 2019-02-27 19:27:54 +0000 )

15 0 Reviewing a pcap how do i uncover version of php running? ( 2019-02-22 00:58:15 +0000 )

15 0 Response times = delta times after reordering (sorting) the row values. ( 2019-02-18 07:27:21 +0000 )

10 0 Response times = delta times after reordering (sorting) the row values. ( 2019-02-17 11:38:58 +0000 )